Experts question guilty verdict for AT&T 'hackers' - CSO Online - Security and Risk: ". . . security experts tend to agree with Auernheimer's attorney, Tor Ekeland, who told Ansel Halliburton that the verdict should concern "any legitimate security researcher," because Auernheimer and Spitler didn't hack through any security on the AT&T website. They also agree with Halliburton that the CFAA is hopelessly vague and outdated, since it was created before the evolution of the Web. "Auernheimer is charged with participating in a conspiracy to violate the FAA by 'intentionally access[ing] a computer without authorization or exceed[ing] authorized access, and thereby obtain[ing]...information from [a] protected computer,'" Halliburton wrote. "But what exactly does that mean?" The language, he said, comes from a law that defines "protected computer" as either a government or bank computer, or as any computer "which is used in or affecting interstate or foreign commerce or communication." "Maybe that worked in 1986 when not that many computers were networked in interstate commerce, but in 2012, it covers almost anything with a microprocessor." Kevin Mitnick, once known as the world's "most wanted hacker" and now a security consultant, also said the CFAA is neither clear nor up to date. And he said as written, it is so broad that just about anybody who uses the Internet could be convicted. . . . Mitnick said he thinks the government's case "is a joke, because anyone can be accused of unauthorized access by simply visiting a web site. How ridiculous is that?""
more news below
Post a Comment